Web path scanner
Fast web fuzzer written in Go
hydra
Web application fuzzer
PayloadsAllTheThings by swisskyrepo
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Python 48439 Updated: 1 y ago License: Permissive (MIT)

sqlmap by sqlmapproject
Automatic SQL injection and database takeover tool
Python 27305 Updated: 1 y ago License: Proprietary (Proprietary)

h4cker by The-Art-of-Hacking
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Jupyter Notebook 13889 Updated: 1 y ago License: Permissive (MIT)

nuclei by projectdiscovery
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Go 13322 Updated: 1 y ago License: Permissive (MIT)

PowerSploit by PowerShellMafia
PowerSploit - A PowerShell Post-Exploitation Framework
PowerShell 10648 Updated: 1 y ago License: Proprietary (Proprietary)

RustScan by RustScan
🤖 The Modern Port Scanner 🤖
Rust 10160 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

vuls by future-architect
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Go 10049 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

phoneinfoga by sundowndev
Information gathering framework for phone numbers
Go 9879 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

theHarvester by laramies
E-mails, subdomains and names Harvester - OSINT
Python 8676 Updated: 1 y ago License: No License (No License)

xray by chaitin
A full-featured security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use
JavaScript 8531 Updated: 1 y ago License: Proprietary (Proprietary)

GTFOBins.github.io by GTFOBins
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
HTML 8470 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

beef by beefproject
The Browser Exploitation Framework Project
JavaScript 8466 Updated: 1 y ago License: No License (No License)

Sublist3r by aboul3la
Fast subdomains enumeration tool for penetration testers
Python 8345 Updated: 1 y ago License: Strong Copyleft (GPL-2.0)

BloodHound by BloodHoundAD
Six Degrees of Domain Admin
PowerShell 8338 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

byob by malwaredllc
An open-source post-exploitation framework for students, researchers and developers.
Python 8323 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

LaZagne by AlessandroZ
Credentials recovery project
Python 8235 Updated: 1 y ago License: Weak Copyleft (LGPL-3.0)

gobuster by OJ
Directory/File, DNS and VHost busting tool written in Go
Go 7747 Updated: 1 y ago License: Permissive (Apache-2.0)

subfinder by projectdiscovery
Fast passive subdomain enumeration tool.
Go 7741 Updated: 1 y ago License: Permissive (MIT)

DVWA by digininja
Damn Vulnerable Web Application (DVWA)
PHP 7692 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

evilginx2 by kgretzky
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Go 7634 Updated: 1 y ago License: Permissive (BSD-3-Clause)

wpscan by wpscanteam
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
Ruby 7607 Updated: 1 y ago License: Proprietary (Proprietary)

nishang by samratashok
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
PowerShell 7572 Updated: 1 y ago License: Proprietary (Proprietary)

fuzzdb by fuzzdb-project
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
PHP 7455 Updated: 1 y ago License: No License (No License)

public-pentesting-reports by juliocesarfort
A list of public penetration test reports published by several consulting firms and academic security groups.
CSS 7336 Updated: 1 y ago License: No License (No License)

Empire by EmpireProject
Empire is a PowerShell and Python post-exploitation agent.
PowerShell 6970 Updated: 2 y ago License: Permissive (BSD-3-Clause)

Sn1per by 1N3
External Attack Surface Management Platform
Shell 6531 Updated: 1 y ago License: Proprietary (Proprietary)

OneForAll by shmilylty
OneForAll is a powerful subdomain collection tool
Python 6493 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

monkey by guardicore
Infection Monkey - An open-source adversary emulation platform
Python 6193 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

poisontap by samyk
Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
JavaScript 5967 Updated: 1 y ago License: No License (No License)

sliver by BishopFox
Adversary Emulation Framework
Go 5909 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

rengine by yogeshojha
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
JavaScript 5567 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

Penetration_Testing_POC by Mr-xn
POCs, EXPs, scripts, privilege escalation, small tools and more related to penetration testing --- About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
PowerShell 5384 Updated: 1 y ago License: Permissive (Apache-2.0)

awesome-hacker-search-engines by edoardottt
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Shell 5330 Updated: 1 y ago License: Permissive (MIT)

httpx by projectdiscovery
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Go 5265 Updated: 1 y ago License: Permissive (MIT)

cve by trickest
Gather and update all available and newest CVEs with their PoC.
HTML 5032 Updated: 1 y ago License: Permissive (MIT)

Infosec_Reference by rmusser01
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
CSS 5005 Updated: 1 y ago License: Permissive (MIT)

ptf by trustedsec
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
Python 4697 Updated: 1 y ago License: No License (No License)

Hack-Tools by LasCC
The all-in-one Red Team extension for Web Pentester 🛠
TypeScript 4691 Updated: 1 y ago License: No License (No License)

commando-vm by fireeye
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
PowerShell 4666 Updated: 3 y ago License: Permissive (Apache-2.0)

WhatWeb by urbanadventurer
Next generation web scanner
Ruby 4514 Updated: 1 y ago License: Strong Copyleft (GPL-2.0)

osmedeus by j3ssie
A Workflow Engine for Offensive Security
Go 4495 Updated: 1 y ago License: Permissive (MIT)

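1earn by ffffffff0x
Maintenance paused | A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various target machines
C++ 4415 Updated: 1 y ago License: No License (No License)
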
reconftw by six2dez
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
HTML 4334 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)

wooyun_public by hanc00l
This repo is archived. Thanks for wooyun! Crawler and search for WooYun public vulnerabilities and knowledge base; crawl and search for wooyun.org public bug(vulnerability) and drops
PHP 4308 Updated: 2 y ago License: No License (No License)

w3af by andresriancho
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Python 4245 Updated: 1 y ago License: No License (No License)

EyeWitness by RedSiege
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Python 4222 Updated: 1 y ago License: Strong Copyleft (GPL-3.0)